Thursday, 2 May 2013

Innovation Vouchers for Cyber Security

The Technology
Strategy Board within the UK has recently provided access to funding (up
to £5,000) for SMEs, entrepreneurs and early stage start-ups looking to gain
assurance around their ‘Cyber Security’.

Funding IT Security
and assurance activity can be a real barrier to SMEs. When it is placed against
other competing priorities, it often does not win the battle for internal
funding. Nevertheless it remains a key enabler to business success. The UK
Government stepping in to provide help with funding is a really positive step
and a great opportunity for SMEs to overcome the funding barrier.

This blog post takes a
look at the funding on offer and more importantly provides clarity around the
terms used. This will enable organisations to clearly identify those areas they
want to engage with and make best use of this external funding.

First important note:

Closing date for
applications is the 24th July 2013 and is for UK based companies.

Second important note:

Don't be put off or
confused by the term 'Cyber'.

We are actually
talking about information technology and computers.

For more background on
what 'Cyber' and 'Cyber Security' actually means take a look at my last blog
post.

Innovation Vouchers
for Cyber Security

The Innovation
Vouchers can be used to secure specialist services and consulting to help with
the following:

Businesses looking to protect new
inventions and business processes.

Businesses looking to ‘cyber audit' their
existing processes.

Businesses looking to move online and
develop a technology strategy.

Business start-ups looking to develop an
idea into a working prototype and needing to build cyber security into the
business from the very beginning.

This offers quite a
range of options and many business projects could be aligned to fit and therefore
be eligible for funding, But lets take a look at one specific area
and see what could be done.

Businesses looking
to ‘cyber audit' their existing processes

Lets take 'Cyber' as meaning
information technology and an 'Audit' meaning a systematic review or
assessment. Then a 'Cyber Audit' in this context is more simply put as an audit
of the organisations information security controls.

Audits are great for
looking at the policy and processes within an organisation, where as a
technical assessment will test that those controls actually deliver the
required or expected level of security. The key here is to choose the most
appropriate engagement for your own requirements.

Why would conducting an audit be a good step to take?

Today our business environment is more complex and interconnected than ever
before. Business environments rely on electronic data as their lifeblood and
the systems that enable the storage, transport, access and manipulation of this
data have become critical. This has resulted in an era where networks and the
applications sitting within them have become the very backbone of every
organisation, regardless of their size and market sector.

An audit or assessment of an organisation’s current approach to security can be
used to identify if adequate information security management is in place
to protect the level of information asset being hosted, stored, transmitted or
processed.

Just remember to choose a security consultancy that will work in close
partnership with you to tailor the solution required and not just sell you a
'Cyber Product'.

A good engagement will leave you with a clear understanding of areas
for improvement, the potential impact to you and more importantly what can be
done to address these.

A bad engagement will most likely leave you swimming in a sea of FUD
(Fear, Uncertainty and Doubt) and the frequency of the word
'Cyber' is likely to be proportional to the amount
of proprietary solutions that the vendor sells to fix the issues
they find.

Conclusion

Costs can be a
significant barrier for SMEs when it comes to security and the use of jargon
can get in the way of our understanding of what can be done and why it is
important.

However, even small organisations need to be aware of their exposure to
security. So, with the use of funding and approaching it from a knowledgeable
position you can drive an engagement that will enable your organisation to gain
an understanding of the security risks you carry and how to start
addressing them in a risk based manner.

If you are looking to make use of this voucher then more information can be
found here.

Followers

Blog Disclaimer

All data and information provided on this site is for informational purposes only. The opinions expressed by individual Bloggers and those providing comments are theirs alone, and do not reflect the opinions of 7 Elements Ltd. 7 Elements Ltd is not responsible for the accuracy of any of the information supplied by the Bloggers.